This week I have a few posts coming up on security, and this is Part 1. This one is sponsored, but all thoughts and experiences are my own.
Today marks Day 2 of being attack-free.
Don’t know what I’m talking about? Well, six months ago I wrote about a brute force attack on my blog, and how you can try to prevent getting your blog/website attacked. What I DIDN’T tell you though, was that the “attack” wasn’t a singular, one-off event, but it was an ongoing onslaught of attempts to get in through to my admin page. Now, they’re not particularly trying to get into my page in particular, but gaining access to my page will open the whole hosting network up to attacks.
And it’s been going on. For six long, boring months.
I haven’t spent much thought on it to be honest.
In fact, the only time I really think about it is when I have to log in my dashboard and go through three loops just to sign in. But that’s it; I’m in lockdown.
I have two-factor authentication set up on everything. I don’t use the same password twice, I use super long and oddly confusing passwords. And it’s a pain in the behind, but at least my content is safe. The little bubble I’ve built here, is safe and sound.
So, how do I know it’s Day 2 of being attack-free? Well, the morbid curiosity in me just has to rise up each time I log in and as it forces me to dig my phone out to check the pictures match, I check if this extra effort is still needed. And it’s just one little change I make; I stop the backend page from being hidden, and guess what? They flood in. I’m talking about the second I change it back to the original WP login page, I start getting emails from my security plugin with “a user has been logged out”. One every five seconds. Hide the backend again, and it all goes away. But when I logged in on Saturday?
Sweet, sweet silence.
And I was so excited. This little corner of the universe of mine was finally fairly safe. It would finally be over!
But it also got me thinking. If a stupid little tickbox on a plugin makes such a big difference, what else would? And when the opportunity presented itself*, I jumped at the chance:
You see, I might always lock my door when coming home, and I will never leave the keys actually in the lock. I never leave valuables in sight in my car, and I always shred all documents with personal information. I am completely obsessed with anything I can do to make my life secure, no matter how small a thing.
Yet I’m quite happy to print things. I mean, printing and scanning things itself isn’t a dangerous action unless you do something just HORRIBLY wrong. (Don’t store paper next to the printer. The triangle of fire; kindling, heat, airflow.)
But think about what you’re scanning, and what you’re printing. For an example, I moved recently and I’ve been changing my address on everything. And I’ve made copies of each request (because when you apply for a PR card, you need to have a printed record of EVERYTHING.), so somewhere in the memory of my WiFi printer, there are details for my drivers license, credit cards, doctors’ surgery, my social security number, my NI number, my bank account details, etc. It connects to my laptop, my husband’s laptop, our phones, our TV’s and our personal cloud. (and if you don’t know why I’m talking about printing and scanning, watch the second part of the HP series!)
Yet what’s the security on it?
It’s in my office.
Think of the average company. My employer is a small start-up, and we have 500-odd invoices through our ledger each month. Each invoice goes through the main printer. As do the funds transfer requests, supplier (and customer) contact details, payroll files, HR details, and so forth. If someone had access to that printer, they would have access to millions of pounds of our, our customers, our suppliers and our staff’s money. And if it were on the same network as our computers, they’d have access to twenty-odd computeres, chock-full of confidential information.
Which is why there computer runs on a separate network and connects to our office network via our IT provider’s own network, all of which are firewalled up to the hilt. But that’s because we’ve outsourced our IT.
Thinking realistically, how many small companies have the luxury of doing this? How many one-man-bands actually fully secure their networks against various attempts at getting at their information? As a blogger, my life is online. Yes, I have a day job, but at night I pour my silly thoughts out here, and there is money involved. From hosting to various invoicing requirements, there is a constant flow of sensitive information from my network to yours. This is a hobby blog. I don’t have the resources (or the will) to employ someone to do my IT for me. And even if I did, I probably wouldn’t want to as it’s so easy to do on your own! With the likes of HP coming up with new, innovative ways of keeping your home and your office secure, you don’t even need to have much of a technical head on your shoulders in order to survive.
It is such a simple thing to get started with. In the modern home and office, being wireless is so important. I need to look at blogs no matter where I am; living room, office or, you know, the place where most of our thoughts are born; the bathroom.
And yet we ignore the basic security of our devices, and we build ourselves these networks out of straw. We bumble through life, unassuming and thinking we’re safe and then wonder how the wolf gets in…
How’s your security?
*This is a sponsored post, but all thoughts and experiences are my own. And let’s face it, HP is doing a fantastic way of raising awareness to cyber security!